Monday, January 22, 2007

Laurie: As an example of the security of an open source product, there is a web server many people will not have heard of called Apache. Quite often when I am speaking at a high level conference I actually ask the question of the room, "Who here has heard of Apache?" and maybe ten per cent of the people in the room will know. I will then ask, "Who has heard of Microsoft?" - big laugh, of course everyone knows Microsoft, and then it surprises them to learn that Apache SSL, which is the secure web server version of it, has 70 per cent of the world market in secure servers. In its ten-year history there have only been three security alerts and two of those were because of external libraries that were being used, so there has only ever in its ten year history been one issue specific to Apache SSL itself.